I recently had to inspect the SSL certificate of an e-mail provider (secure POP connection) . Here is a quick HOWTO using the Google Mail website as an example.
Issue this command on a box with openssl:
openssl s_client -connect mail.google.com:443 > google
Then cancel the command with CTRL-C.
A base64 representation of the web site’s certificate will be included in the output you redirected to the google file:
To inspect the certificate with openssl, use this command:
openssl x509 -in google -text
Or convert it to a certificate in DER format and open it on a Windows box:
openssl x509 -in google -outform DER -out google.der